[Open-scap] OpenSCAP Work bench on Windows
Joseph Roscioli
roscioli812 at gmail.com
Tue May 22 13:44:35 UTC 2018
Hello,
My company provides Distributed Control Systems. The User interface is
Windows. We harden the machines per DoD STIGS via GPOs. We would like to
use the OpenSCAP to audit the systems before and after the GPOs are applied.
I downloaded the Workbench to do a trial run. I installed the Windows
version of the SCAP Workbench 1.1.5 on a Windows 7 machine. Ultimately I
would like to scan Windows 7 and Windows 10 machines.
Is the Workbench suitable for use on these platforms?
Any particular reason why the "Local Machine" radio button disabled?
Next:
I tried to do a scan of another Windows 7 machine using the
U_Windows_7_V1R36_STIG_SCAP_1-2_Benchmark.xml.
On the target machine I installed the latest OpenSSH from the WinSCP site
OpenSSH-Win64. The sshd and ssh-agent start automatically.
The manual states that the target should also have oscap >= 0.8.0
installed, however I could not find a binary for it. Is this missing piece
the issue?
I have to build this myself.
The scan always fails. I constantly get the following error below.
I'm new to SSH and I'm not sure if there is more configuration I have to
do, such as generating keys on the target and installing them on the
machine where the Workbench is running.
Also, an Etherreal capture doesn't show any ssh protocol traffic.
Any help would be appreciated.
Thank you in advance,
Joe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20180522/193f3dd4/attachment.htm>
More information about the Open-scap-list
mailing list